The Ethereum Foundation has announced it will likely be growing the network’s bug bounty payouts fourfold in front of the blockchain’s transition to proof-of-stake.
Inside a Wednesday blog publish, the Ethereum Foundation stated between August. 24 and Sept. 8, all “Merge-related bounties for vulnerabilities” is going to be quadrupled for white-colored hats testing the network. Based on the foundation, identifying “critical bugs” — individuals that have a superior impact or probability of a higher effect on the blockchain — is definitely worth as much as $a million. The bounty program also enables submissions for low, medium and-risk bugs.
• Merge Bug Bounty Bonus: There’s a 4X MULTIPLIER between now and 08 September on all bounties and vulnerabilities, with critical bugs worth as much as $1mm USD
• See full publish for updated Execution Layer (EL) and Consensus Layer (CL) client links, more about The Merge, as well as an FAQ
— Frederick Schweitzer (@JBSchweitzer) August 24, 2022
Included in the transition to proof-of-stake, the building blocks stated the Ethereum Network “must first be activated around the Beacon Chain using the Bellatrix upgrade,” a celebration likely to happen on Sept. 6, using the Merge likely following between Sept. 10 and 20. Core developers formerly announced a tentative Merge date of Sept. 15 once the Total Terminal Difficulty, or TTD — the problem from the final found block — will trigger the finish of proof-of-work and the beginning of proof-of-stake.
“The incremental difficulty added per block relies upon the network hash rate, that is volatile,” stated the building blocks. “If more hash rate joins the network, TTD is going to be arrived at sooner. Similarly, if hash rate leaves the network, TTD is going to be arrived at later.”
The building blocks added that Ether (ETH) holders and users largely didn’t have to take any pursuit before the Merge apart from to “be looking for scams.” Mining won’t be possible following a transition, while stakers and node operators will both have to run an execution layer client, using the latter doing this having a consensus layer client.
In This summer 2020, the Ethereum Foundation announced it’d launched public “attack networks” for Ethereum 2. for white-colored hats to try to exploit potential issues within the clients, supplying a $5,000 bounty at that time. However, in August 2021, a vulnerability affecting earlier versions of 1 of Ethereum’s software clients, Geth, caused over fifty percent the network’s nodes to separate. The Merge will need the most recent form of Geth being an execution client.
Related: MakerDAO launches greatest ever bug bounty with $10M reward
Other projects have offered as much as $a million or even more in bug bounties targeted at finding exploits inducing the theft or chance of losing millions, as Sky Mavis did in April 2022 carrying out a $600-million hack around the Ronin Network. In June, Ethereum bridging and scaling solution Aurora compensated a $6-million bounty to some white-colored hat hacker who discovered a vital bug.